Risk assessment of X.509 certificate by evaluating Certification Practice Statements

TL;DR: A model which calculates the risk associated with X.509 certificates by evaluating Certificate Practice statement (CPS) document and by using certain trust criteria is suggested, which has application in detecting phishing websites which contain Https URL.

Abstract: Now a days, a lot of people and groups are using X.509 certificates to represent their identity, during online trade, so the level of purity and trustworthiness of these certificates becomes dubious. Hence, we have suggested a model which calculates the risk associated with X.509 certificates by evaluating Certificate Practice statement (CPS) document and by using certain trust criteria. For evaluating CPS document we have proposed a novel algorithm which locates certain attributes, in the CPS document. We are referring to these attributes from the prior paper of Omar and Lindsay. Our model categorizes risk in three levels-High, Medium and Low risk. It has application in detecting phishing websites which contain Https URL.